Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
File: a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa (raw, json)
Hash identifier: QazAEp8sYvm+KvTOQo1und/jwR2KwUbgNG7z0bIKOHg=
Subject key identifier: F1:67:62:1F:6E:8B:E3:CA:9A:91:D2:3E:06:4A:4A:01:88:B2:60:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BAA5C700E286BD31E44AC328F5DB07F68BB7D2C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
Signing time: Tue 01 Jul 2025 15:10:41 +0000
ROA not before: Tue 01 Jul 2025 15:10:41 +0000
ROA not after: Tue 05 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:aa:5c:70:0e:28:6b:d3:1e:44:ac:32:8f:5d:b0:7f:68:bb:7d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 1 15:10:41 2025 GMT
Not After : Aug 5 23:59:59 2025 GMT
Subject: serialNumber=fc7f11dc501d7eb4bac4272cbcdad2c1486c3f0d7e0536fac9d94acb392e36d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a0:49:9f:8c:52:4b:e1:27:09:22:da:34:c8:
dd:31:4b:90:d7:e7:04:f0:53:67:a8:62:f7:20:f7:
6f:eb:08:eb:1a:29:b3:a2:3b:10:94:8e:52:64:ec:
47:56:be:b3:3e:d7:c6:bd:83:dc:3e:c4:71:1a:a3:
cf:95:75:fd:22:0d:05:06:bf:91:dd:3e:04:23:9d:
42:19:e3:38:51:e8:87:6e:6b:b8:a6:95:4c:ca:e9:
9c:1e:14:7e:29:68:d7:cd:d8:62:cd:9a:79:2e:b4:
84:27:d4:c9:66:10:4b:a7:94:8a:6d:68:53:66:1c:
82:4d:4c:8d:f2:60:62:96:fc:d9:b5:2b:6b:f7:e1:
3b:c4:10:69:90:61:1c:e3:3a:8e:aa:f1:96:61:56:
6b:b5:04:98:3b:18:05:cd:d3:ca:b7:19:11:54:f5:
d7:37:65:81:63:ba:06:9a:9e:38:61:36:72:2e:80:
28:d2:47:91:f5:94:4f:a8:71:d7:ff:e0:5d:2b:ae:
67:04:a8:14:85:1d:15:07:ba:a2:74:93:cb:b3:b3:
67:cd:31:54:c5:71:e6:68:17:8f:b1:33:96:9a:a8:
16:3d:75:82:0d:33:eb:1b:08:aa:d1:89:16:6b:ed:
ee:83:de:bf:fa:73:b1:49:03:d9:72:0f:30:8e:1f:
a6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:67:62:1F:6E:8B:E3:CA:9A:91:D2:3E:06:4A:4A:01:88:B2:60:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7975abe-0cd8-4590-b58b-703fa5f4bdfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:2000::/48
Signature Algorithm: sha256WithRSAEncryption
8a:e1:84:45:e4:59:eb:67:97:ff:3d:d1:78:53:fa:ae:64:18:
bf:e5:87:48:38:5a:77:cf:06:66:f7:ba:ad:5b:08:2d:e1:2c:
ff:9e:2e:eb:bf:08:40:d7:e5:7e:21:97:2e:6f:6e:59:4e:b3:
ae:37:57:b7:05:a6:93:6e:65:9d:7d:26:e9:70:92:6a:70:8b:
84:b8:de:7b:00:d7:14:b0:71:d9:32:c0:79:5e:b2:1a:c1:f8:
65:fd:b4:b0:ba:03:76:b6:2f:54:c1:82:2f:07:8f:24:9d:ec:
09:78:70:e0:69:59:60:41:42:eb:c1:e3:85:4d:31:e9:b7:c2:
58:a4:96:94:0d:bc:de:14:15:6c:4f:ed:1d:8a:43:02:28:06:
9e:a1:22:c9:f5:66:9f:97:85:9d:83:1d:0d:7c:cf:15:95:c4:
08:c6:e9:6a:93:55:7b:56:f7:c8:98:8f:fb:9b:49:b9:a7:e4:
7e:09:77:6f:28:bb:4d:cd:8e:36:bf:38:52:bf:34:be:4b:01:
e9:76:f8:d7:78:6a:6b:34:8b:f1:3d:5f:50:75:de:fc:ac:0c:
5a:a2:d3:97:b2:fe:43:95:43:94:92:fa:f1:22:b3:1e:2c:8a:
00:5c:14:8d:06:de:73:7a:50:ea:71:b1:7d:2e:c1:63:1a:f2:
6e:64:1c:b4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUa6pccA4oa9MeRKwyj12wf2i7fSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MDExNTEwNDFaFw0yNTA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjN2YxMWRjNTAxZDdlYjRiYWM0MjcyY2JjZGFkMmMxNDg2YzNmMGQ3ZTA1
MzZmYWM5ZDk0YWNiMzkyZTM2ZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2gSZ+MUkvhJwki2jTI3TFLkNfnBPBTZ6hi9yD3b+sI6xops6I7EJSOUmTs
R1a+sz7Xxr2D3D7EcRqjz5V1/SINBQa/kd0+BCOdQhnjOFHoh25ruKaVTMrpnB4U
filo183YYs2aeS60hCfUyWYQS6eUim1oU2Ycgk1MjfJgYpb82bUra/fhO8QQaZBh
HOM6jqrxlmFWa7UEmDsYBc3TyrcZEVT11zdlgWO6BpqeOGE2ci6AKNJHkfWUT6hx
1//gXSuuZwSoFIUdFQe6onSTy7OzZ80xVMVx5mgXj7EzlpqoFj11gg0z6xsIqtGJ
Fmvt7oPev/pzsUkD2XIPMI4fprkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTxZ2If
bovjypqR0j4GSkoBiLJg1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc5NzVhYmUtMGNkOC00NTkwLWI1OGItNzAzZmE1ZjRiZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HYg
ADANBgkqhkiG9w0BAQsFAAOCAQEAiuGEReRZ62eX/z3ReFP6rmQYv+WHSDhad88G
Zve6rVsILeEs/54u678IQNflfiGXLm9uWU6zrjdXtwWmk25lnX0m6XCSanCLhLje
ewDXFLBx2TLAeV6yGsH4Zf20sLoDdrYvVMGCLwePJJ3sCXhw4GlZYEFC68HjhU0x
6bfCWKSWlA283hQVbE/tHYpDAigGnqEiyfVmn5eFnYMdDXzPFZXECMbpapNVe1b3
yJiP+5tJuafkfgl3byi7Tc2ONr84Ur80vksB6Xb413hqazSL8T1fUHXe/KwMWqLT
l7L+Q5VDlJL68SKzHiyKAFwUjQbec3pQ6nGxfS7BYxrybmQctA==
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:45:02 2025 by rpki-client